Overview

overview

10

Static

static

1

75089d9f93...c.html

windows7-x64

1

75089d9f93...c.html

windows10-2004-x64

10

Analysis

  • max time kernel
    86s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75089d9f93055d83a5fa78784d85780c.html

  • Size

    91KB

  • MD5

    75089d9f93055d83a5fa78784d85780c

  • SHA1

    a683a4d62fc2b09c29424f26d673e0cb8006c46b

  • SHA256

    e2a4ee413c5a0c9e46506ab0dd62c0d956a31a4c012277c6cd33cdc106d7802c

  • SHA512

    4f38d4f05e1146cf474afad112d66ced3f676a2d6e6dd02236761873cf31497d48f0861db5b8b94e9b876389b92e399b8ef8be7237d2d71aa1f2577fc6031416

  • SSDEEP

    1536:DuB+p6XSkW3z2LHWFfexleUvF5Z+fnqbhOEdCOZogLzqfbq3e33tBPlJZPaBB8dE:DuWvWD1v0fWCOZogLzqfbq3e33tBPlJg

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Modifies Internet Explorer settings 1 TTPs 60 IoCs
    adwarespyware
  • Modifies registry class 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\75089d9f93055d83a5fa78784d85780c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1356 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:3872

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    1d7f25dc2d6699e79619c31ff8908f6c

    SHA1

    de3c1be6c3f3e7f6eadbe715ae575794e5bf1221

    SHA256

    845c8a47772a9c534cf13a177c83c40db250a6dbbd0a369401ea884b8d058d6e

    SHA512

    7a6e1765a31821e79b766ea0675ed17d735a40766d5fcd6cc305a8d33b8257d11e492d4ad8626f2909e1c2c2d93e8d04ed133effd0a3ec29324ec3ca36a22a1e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C207D367B78A5B58037989FA2D1AD2F9
    Filesize

    503B

    MD5

    65b1cec4b166243278be07e10ba7c10f

    SHA1

    f91044c1cfc7071b7732276bbee91b131ef1874d

    SHA256

    a0f669cbab34aae5d099d16fdcd95c2869233d7e1b5ca1abd16dc40a4c5c0354

    SHA512

    3b41a128ab4f51fefc614caf61afdf80facd8c7f61854d662487d093f3aabeffc7f7ea2a01ed6ffcf9ff02debf0c6cbc8cffbba5fed7ce6dc50ba2a41f146519

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CB4C4B7EA7318885A9D8E0E658ACBE5C
    Filesize

    503B

    MD5

    b93d7852ff4b7945c30ca176b16120c6

    SHA1

    8c5a8c9def12055ae9fe7697a3b61a3bc9e8e8b3

    SHA256

    5454fed3e70b99bf1cbba89c67ff8b277c0b190b95910d23aa564280bb4a69e8

    SHA512

    f7e095bc33f9dab543ecefbe773a2241d0ac203378cbe70fa03fa78a71181cd6df1802a1600f8ad20dece381edc01f09af7b336f40b55123c455a9a4227d7b8e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E94A0261E4F7ADE293F96AA7BE7D90D2
    Filesize

    503B

    MD5

    1b8bba0b8131d13e1680f8a64f0505e9

    SHA1

    152be05acd5f118b3a535a57d56a52ec451c26b5

    SHA256

    be18d3b02553fec8a66c0bf8ba22a9cc864ad6a14bd79e3ef9e532a899016d03

    SHA512

    4d0cf89abd26fb052e860a42054460a64db22d2027d8d764a458f0f87ce83d156b7a115c080a6325bbb11253160ecbbe48fd3fb139fc687b6d272b120d7a6e26

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    e958ddf9d09efae697b7aa18a514c259

    SHA1

    d48f031c61e36b099b3a008c68934c29fe35f600

    SHA256

    83fd8d72391262ccd8dbaa8adbfe61a5e455c93376dbfd3490555843c8f67162

    SHA512

    ac69d811d6b28bf78022d888add2941eb822aef08bb446d7ecd1838439ecac843b9966dbe57cfc8696b419930d06a55ff0508819e5e8e2405f666bcddc65b5d4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C207D367B78A5B58037989FA2D1AD2F9
    Filesize

    548B

    MD5

    b82eee8369cd528eefb59d71bb41308d

    SHA1

    1e944edf3b048f78d5639c8531ca6eeeeb609887

    SHA256

    892253fa0c412d66db9f8d2c58b5695b422f6773dbd07a9e6276db92321cfa03

    SHA512

    2b6ccd58a5cfd81b411947611a4d07c83d040b29187a26ff2e4bfe21e7c1c13f99561d489179eaff2bc5cf55a06f4a90bbc5acd2242e49053f82998066515dc2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CB4C4B7EA7318885A9D8E0E658ACBE5C
    Filesize

    548B

    MD5

    60fc68c062c35935a78bb1063daaec43

    SHA1

    7a90b0ac9d229d000a754535e7465eef2d60fadf

    SHA256

    111d2cb570da99a021c72539e9664e99c522ac1cef143f5d84122bb2cb322f62

    SHA512

    36ed58a92c95ae904eb3e405f2e9b188b09f8459ef1fed86e6743b968a42e51c8f0529fa979e35bcb501abc50e0868d6678708369a307ef34c17a404f595d438

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E94A0261E4F7ADE293F96AA7BE7D90D2
    Filesize

    552B

    MD5

    bd7f630b03eb9e33f1adfc61a1a7e419

    SHA1

    5b8124b7e9eea5b2a7fe6b0a21c6b71a4ac6f0d4

    SHA256

    e44ce33f585a5bdf072c283b5dc1975a081b123e94b06c6ca901462588b41640

    SHA512

    4d6b69d88251a21aca87e3c14002cf3bd2346533aa82bb128934197e71660417b998be18c89622564ceae25e25f666e5d7aa3c283f8e93ed02fa89a2831d0fb7

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8D1Z5HG5\pagebar[1].htm
    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8D1Z5HG5\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\GG17NQDF\sale_form[1].js
    Filesize

    761B

    MD5

    64f809e06446647e192fce8d1ec34e09

    SHA1

    5b7ced07da42e205067afa88615317a277a4a82c

    SHA256

    f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

    SHA512

    5f61bbe241f6b8636a487e6601f08a48bffd62549291db83c1f05f90d26751841db43357d7fe500ffba1bc19a8ab63c6d4767ba901c7eded5d65a1b443b1dd78

    Download Submit